CheckUser status

CheckUser is an interface for users with the checkuser permission. A user with CheckUser status on a wiki can in particular check if a user is a sockpuppet of another user on that wiki (not on all wikis). By using it, users are able to:

Determine from which IPs a user has edited or done a logged action or password reset on the Wikimedia wiki;

Determine the edits, logged actions and password resets on the Wikimedia wiki of a specific IP (even when logged in);

Determine whether the user being checked has sent an email using MediaWiki interface to some other user. The time of the event is logged, the destination email address and user ID are obscured.

This information is only stored for a short period (currently 90 days), so edits made prior to that will not be shown via CheckUser. A log is kept of who has made which queries with the tool. This log is available to those with the checkuser-log permission:

Use of the tool

The tool is to be used to fight vandalism, spamming, to check for sockpuppet abuse, and to limit disruption of the project. It must be used only to prevent damage to any of the Wikimedia projects.

The tool should not be used for political control; to apply pressure on editors; or as a threat against another editor in a content dispute. There must be a valid reason to check a user. Note that alternative accounts are not forbidden, so long as they are not used in violation of the policies (for example, to double-vote or to increase the apparent support for any given position).

Notification to the account that is checked is permitted but is not mandatory. Similarly, notification of the check to the community is not mandatory, but may be done subject to the provisions of the privacy policy.

Some wikis allow an editor's IPs to be checked upon his or her request if, for example, there is a need to provide evidence of innocence against a sockpuppet allegation; note, however, that requesting a checkuser in these circumstances is sometimes part of the attempt to disrupt.

Privacy policy

On Wikimedia projects, privacy policy considerations are of tremendous importance. Unless someone is violating policy with their actions (e.g. massive bot vandalism or spam) and revealing information about them is necessary to stop the disruption, it is a violation of the privacy policy to reveal their IP, whereabouts, or other information sufficient to identify them, unless they have already revealed this information themselves on the project.

Information release

Even if the user is committing abuse, it's best not to reveal personal information if possible.

Generally, do not reveal IPs. Only give information such as same network/not same network or similar. If detailed information is provided, make sure the person you are giving it to is a trusted person and will not reveal it himself/herself.

If the user has said they're from somewhere and the IP confirms it, it's not releasing private information to confirm it if needed.

Only stewards, some Wikimedia Foundation staff, ombudsmen, and a very small number of other users are allowed to have CheckUser access. Users can only have CheckUser status locally (except for the ombudsmen and those staff members with access).

If local CheckUsers exist in a project, checks should generally be handled by those. In emergencies, or for multi-project CheckUser checks as in the case of cross-wiki vandalism, stewards may perform local checks. Stewards should remove their own CheckUser access on the projects upon completion of the checks and notify the local CheckUsers or the CheckUser e-mail list.

If no local Checkusers exist for a project, requests will need to be made to the stewards to perform checks (such as "is UserX a sockpuppet of UserY"). To do so, simply add the request to Steward requests/Checkuser listing these users and explain the need for the check (with links). Depending on the nature of the request, the steward may deny it, may ask for more information, or may answer about the likelihood of the users in question having the same IP, same proxy, same network, same country, or being completely unrelated (see discussion for what the Steward should more precisely say to the editor).

Appointing local Checkusers

On any wiki, there must be at least two users with CheckUser status, or none at all. This is so that they can mutually control and confirm their actions. In the case where only one CheckUser is left on a wiki (when the only other one retires, or is removed), the community must appoint a new CheckUser immediately (so that the number of CheckUsers is at least two).

On wikis with an Arbitration Committee (ArbCom) whose members have been elected with the support of at least 25–30 members of the local community, CheckUsers may be directly appointed by the Arbitrators. After agreement, a member of the Committee should simply list the candidate on Steward requests/Permissions.

On a wiki without an Arbitration Committee that meets the criterion above, or in a project where there is a preference for independent elections, the community may approve local CheckUsers (stewards not counting as local CheckUsers) per consensus. The CheckUser candidate status must request it within the local community and advertise this request properly (village pump, mailing list when available, special request page, etc.). The candidate must be familiar with the privacy policy. After gaining consensus (at least 70%–80% in pro/con voting or the highest number of votes in multiple choice elections) in the local community, and with at least 25–30 editors' approval, the successful candidate should request access at Steward requests/Permissions with a link to the page with the community's decision. If there are an insufficient number of votes for at least two CheckUsers on a wiki, there will be no CheckUsers on that wiki.

Mailing list

There is a closed mailing list (CheckUser-l) to which all stewards and checkusers should have access. Email the list moderators to gain access. Use this mailing list to ask for help, ideas and second opinions if you're not sure what the data means.

IRC channel

There is a private IRC channel (#wikimedia-checkuser) to which all stewards and checkusers who use IRC should have access. This channel serves the same purpose as the mailing list, but in real-time. Contact any channel member to gain access; a channel manager will grant permanent access. Ask a steward if you need help gaining access.

Removal of access

Any user account with CheckUser status that is inactive for more than one year will have their CheckUser access removed.

In case of abusive use of the tool, the Steward or the editor with the CheckUser privilege will immediately have their access removed. This will in particular happen if checks are done routinely on editors without a serious motive to do so (links and proofs of bad behavior should be provided).

Suspicion of abuses of CheckUser should be discussed by each local wiki. On wikis with an approved ArbCom, the ArbCom can decide on the removal of access. On wikis without an approved ArbCom, the community can vote removal of access.

Complaints of infringement of CheckUser, Access to Nonpublic Information Policy or Privacy Policy breaches are handled by the Ombudsman commission for all Wikimedia projects.